package com.lelouch.wetlandweb.shiro.realm;


import com.lelouch.wetlandcommon.domain.UserEntity;
import com.lelouch.wetlandcommon.tools.MD5Tool;
import com.lelouch.wetlandweb.service.account.UserEntityService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.Set;

@Slf4j
public class LoginRealm extends AuthorizingRealm {

    @Autowired
    private UserEntityService userEntityService;

    @Override
    //传过来的token中的密码要跟数据库中的一致，不然返回SimpleAuthenticationInfo会出错
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        log.info("登录认证");
        String userName = (String) token.getPrincipal();
        String password = new String((char[]) token.getCredentials());
        log.info("用户名为:{}", userName);
        //System.out.println(userEntityService);
        UserEntity userEntity = userEntityService.findByUsername(userName);
        //这里校验了，CredentialsMatcher就不需要了，如果这里不校验，调用CredentialsMatcher校验
        if (userEntity == null) {
            log.error("用户名错误!");
            throw new UnknownAccountException("用户名错误！");
        }

        if (!password.equals(userEntity.getPassWord())) {
            log.error("密码错误!");
            throw new IncorrectCredentialsException("密码错误！");
        }
        return new SimpleAuthenticationInfo(userName, password, getName());
    }

    public static void main(String[] args) {
        //String hashAlgorithmName = "MD5";
        //Object credentials = "123456";
        ////Object salt = ByteSource.Util.bytes("user");;
        //Object salt = "admin";
        //int hashIterations = 1024;
        //
        //Object result = new SimpleHash(hashAlgorithmName, credentials, salt, hashIterations);
        //System.out.println(result);
        String codingPassword = MD5Tool.str2Md5("aohan123456");
        System.out.println(codingPassword);
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return null;
    }


    //@Override
    //protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    //    log.info("权限验证");
    //    //权限名的集合
    //    Set<String> permissions = new HashSet<>();
    //    Subject currentUser = SecurityUtils.getSubject();
    //    Session session = currentUser.getSession();
    //    permissions = (Set<String>) session.getAttribute("authority");
    //    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    //    authorizationInfo.addStringPermissions(permissions);
    //    return authorizationInfo;
    //}
}
